Thread
: [Fremantle Maemo5]
[x11vnc] Really strange password bypass
View Single Post
cHeXs7eR
2016-07-19 , 17:50
Posts: 26 | Thanked: 56 times | Joined on Jul 2016 @ Where do I live?
#
1
I've been playing around with x11vnc in order to be able to have my phone in my computer screen and hack around more confortably.
I have been able to connect to my phone via VNC (with quite slow screen updating, though...), but setting up the server password made me come across a creepy issue: I was able to connect to my server even typing a 'slightly wrong' password. I'll describe the process I followed in case you want to reproduce it or tell me if I have forgotten anything important:
First of all, after installing x11vnc from the Application Manager, I typed
Code:
x11vnc -storepasswd 5up3rdup3r53cr3t
(obviously a demo purpose pass)
I start my server using
Code:
x11vnc -usepw
and start a terminal in my desktop computer.
Once in my computer, I type
Code:
vncviewer 192.168.1.xxx:5900
When I am asked for my password, I type 5up3rdup3r53cr3t and it just connects normally.
BUT
if I just type 5up3rdup3r53cr3 (missing the final t) or even 5up3rdup3r53 it will also let me connect!
I'm afraid this could be a worrying security issue, but I'm still not sure. Have you ever experienced the same?
P.S. Sorry for the bad list display, I had to use code tags.
Quote & Reply
|
The Following 2 Users Say Thank You to cHeXs7eR For This Useful Post:
jellyroll
,
reinob
cHeXs7eR
View Public Profile
Send a private message to cHeXs7eR
Find all posts by cHeXs7eR